Strona główna Odkrywaj Pomoc
Zaloguj się
PUBLIC_REPOS
/
buildroot
kopia lustrzana git://git.buildroot.net/buildroot
2
1
Forkuj 0
Pliki
Przeglądaj źródła

dbus: bump to version 1.10.24

Drop upstream patch.

Add license hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Baruch Siach 7 lat temu
rodzic
14aff36717
commit
aab816d0d2
3 zmienionych plików z 5 dodań i 84 usunięć
Zunifikowany widok Pokaż statystyki zmian
  1. 0 78
      package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
  2. 4 2
      package/dbus/dbus.hash
  3. 1 4
      package/dbus/dbus.mk

+ 0 - 78
package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
Wyświetl plik 

@@ -1,78 +0,0 @@
 
-From 1252dc1d1f465b8ab6b36ff7252e395e66a040cf Mon Sep 17 00:00:00 2001
 
-From: Simon McVittie <smcv@debian.org>
 
-Date: Fri, 21 Jul 2017 10:46:39 +0100
 
-Subject: [PATCH 1/2] config-loader-expat: Tell Expat not to defend against
 
- hash collisions
 
-
 
-By default, Expat uses cryptographic-quality random numbers as a salt for
 
-its hash algorithm, and since 2.2.1 it gets them from the getrandom
 
-syscall on Linux. That syscall refuses to return any entropy until the
 
-kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
 
-can take as long as 40 seconds on embedded devices with few entropy
 
-sources, which is too long: if the system dbus-daemon blocks for that
 
-length of time, important D-Bus clients like systemd and systemd-logind
 
-time out and fail to connect to it.
 
-
 
-We're parsing small configuration files here, and we trust them
 
-completely, so we don't need to defend against hash collisions: nobody
 
-is going to be crafting them to cause pathological performance.
 
-
 
-Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
 
-Signed-off-by: Simon McVittie <smcv@debian.org>
 
-Tested-by: Christopher Hewitt <hewitt@ieee.org>
 
-Reviewed-by: Philip Withnall <withnall@endlessm.com>
 
-
 
-Upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf
 
-Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>
 
----
 
- bus/config-loader-expat.c | 14 ++++++++++++++
 
- configure.ac              |  8 ++++++++
 
- 2 files changed, 22 insertions(+)
 
-
 
-diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
 
-index b571fda3..27cbe2d0 100644
 
---- a/bus/config-loader-expat.c
 
-+++ b/bus/config-loader-expat.c
 
-@@ -203,6 +203,20 @@ bus_config_load (const DBusString      *file,
 
-       goto failed;
 
-     }
 
- 
-+  /* We do not need protection against hash collisions (CVE-2012-0876)
 
-+   * because we are only parsing trusted XML; and if we let Expat block
 
-+   * waiting for the CSPRNG to be initialized, as it does by default to
 
-+   * defeat CVE-2012-0876, it can cause timeouts during early boot on
 
-+   * entropy-starved embedded devices.
 
-+   *
 
-+   * TODO: When Expat gets a more explicit API for this than
 
-+   * XML_SetHashSalt, check for that too, and use it preferentially.
 
-+   * https://github.com/libexpat/libexpat/issues/91 */
 
-+#if defined(HAVE_XML_SETHASHSALT)
 
-+  /* Any nonzero number will do. https://xkcd.com/221/ */
 
-+  XML_SetHashSalt (expat, 4);
 
-+#endif
 
-+
 
-   if (!_dbus_string_get_dirname (file, &dirname))
 
-     {
 
-       dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
 
-diff --git a/configure.ac b/configure.ac
 
-index 52da11fb..c4022ed7 100644
 
---- a/configure.ac
 
-+++ b/configure.ac
 
-@@ -938,6 +938,14 @@ XML_CFLAGS=
 
- AC_SUBST([XML_CFLAGS])
 
- AC_SUBST([XML_LIBS])
 
- 
-+save_cflags="$CFLAGS"
 
-+save_libs="$LIBS"
 
-+CFLAGS="$CFLAGS $XML_CFLAGS"
 
-+LIBS="$LIBS $XML_LIBS"
 
-+AC_CHECK_FUNCS([XML_SetHashSalt])
 
-+CFLAGS="$save_cflags"
 
-+LIBS="$save_libs"
 
-+
 
- # Thread lib detection
 
- AC_ARG_VAR([THREAD_LIBS])
 
- save_libs="$LIBS"
 
--- 
-2.11.0
 
-

+ 4 - 2
package/dbus/dbus.hash
Wyświetl plik 

@@ -1,3 +1,5 @@
 
 # Locally calculated after checking pgp signature
 
 # Locally calculated after checking pgp signature
 
-# http://dbus.freedesktop.org/releases/dbus/dbus-1.10.22.tar.gz.asc
 
-sha256	e2b1401e3eedc7b5c9a2034d31254c886e1fcbc7858006e0a1c59158fe4b7b97  dbus-1.10.22.tar.gz
 
+# https://dbus.freedesktop.org/releases/dbus/dbus-1.10.24.tar.gz.asc
 
+sha256	71184eb27638e224579ffa998e88f01d0f1fef17a7811406e53350735eaecd1b  dbus-1.10.24.tar.gz
 
+# Locally calculated
 
+sha256	0e46f54efb12d04ab5c33713bacd0e140c9a35b57ae29e03c853203266e8f3a1  COPYING

+ 1 - 4
package/dbus/dbus.mk
Wyświetl plik 

@@ -4,11 +4,8 @@
 
 #
 
 #
 
 ################################################################################
 
 ################################################################################
 
 
 
-DBUS_VERSION = 1.10.22
 
+DBUS_VERSION = 1.10.24
 
 DBUS_SITE = https://dbus.freedesktop.org/releases/dbus
 
 DBUS_SITE = https://dbus.freedesktop.org/releases/dbus
 
-
 
-# 0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
 
-DBUS_AUTORECONF = YES
 
 DBUS_LICENSE = AFL-2.1 or GPL-2.0+ (library, tools), GPL-2.0+ (tools)
 
 DBUS_LICENSE = AFL-2.1 or GPL-2.0+ (library, tools), GPL-2.0+ (tools)
 
 DBUS_LICENSE_FILES = COPYING
 
 DBUS_LICENSE_FILES = COPYING
 
 DBUS_INSTALL_STAGING = YES
 
 DBUS_INSTALL_STAGING = YES